The California Privacy Protection Agency (CPPA), the newly formed state agency responsible for implementing the California Privacy Rights Act (CPRA), recently posted its first invitation for public comment on proposed rulemaking activities under the CPRA. Here is what you need
Continue Reading California Privacy Protection Agency Issues Invitation for Preliminary Comments on Proposed Rulemaking Under the California Privacy Rights Act
Wilson Sonsini Goodrich & Rosati Blogs
Latest from Wilson Sonsini Goodrich & Rosati
Don’t Forget to Use the New SCCs to Transfer EU Personal Data as of September 27, 2021
As of September 27, 2021, companies relying on Standard Contractual Clauses (SCCs) to transfer personal data outside the European Union (EU) must use the new Standard Contractual Clauses (New SCCs) when signing data processing agreements. As a result, it is
Continue Reading Don’t Forget to Use the New SCCs to Transfer EU Personal Data as of September 27, 2021
CJEU Confirms Exceptions to One-Stop-Shop Mechanism Under the GDPR
On June 15, 2021, the Court of Justice of the European Union (CJEU) confirmed[1] that non-leading supervisory authorities (SAs) can initiate national judicial proceedings concerning cross-border data processing in two circumstances:[2] i) where there is an “urgent need”
Continue Reading CJEU Confirms Exceptions to One-Stop-Shop Mechanism Under the GDPR
California Attorney General Mandates CCPA-Covered Businesses Honor the Global Privacy Control and Announces Update on CCPA Enforcement Activity
Recently, the Office of the Attorney General of California announced three major updates that 1) added to the California Consumer Privacy Act’s (CCPA) opt-out rules related to the sale of personal information, 2) made it easier for consumers to participate
Continue Reading California Attorney General Mandates CCPA-Covered Businesses Honor the Global Privacy Control and Announces Update on CCPA Enforcement Activity
No Harm, No Foul: Supreme Court Narrows Article III Standing to Require That All Class Members Suffer a Concrete Injury in Fact
Overview
On June 25, 2021, the U.S. Supreme Court decided TransUnion v. Ramirez, which held that even when a statute has been violated, and that statute provided a private right of action, plaintiffs still need a concrete injury in
Continue Reading No Harm, No Foul: Supreme Court Narrows Article III Standing to Require That All Class Members Suffer a Concrete Injury in Fact
Colorado Becomes Third State to Pass New General Privacy Law
Colorado may soon enter the national stage for its new privacy legislation. On June 8, 2021, Colorado’s legislature passed the Colorado Privacy Act (SB21-190) (ColoPA). The bill was recently sent to the Colorado governor’s desk, where he will have until
Continue Reading Colorado Becomes Third State to Pass New General Privacy Law
Belgian DPA Approves Code of Conduct for the Cloud Industry
On May 20, 2021, the Belgian Supervisory Authority (Belgian SA) approved the EU Cloud Code of Conduct (EU Cloud CoC).[1] This is the first time that a Supervisory Authority has approved a transnational, industry-wide code of conduct under the
Continue Reading Belgian DPA Approves Code of Conduct for the Cloud Industry
EU Commission Publishes Template Data Processing Agreement
On June 4, 2021, the European Commission published its long awaited new set of Standard Contractual Clauses for outsourced data processing (DPA SCCs). These DPA SCCs are a contract template that organizations can use to comply with the General Data
Continue Reading EU Commission Publishes Template Data Processing Agreement
A New Data Transfer Mechanism Is Available for EU Personal Data
New Set of SCCs for Data Transfers to Third Countries
On June 4, 2021, the European Commission (EC) published its long awaited new set of Standard Contractual Clauses (New SCCs). This new data transfer mechanism allows for the
Continue Reading A New Data Transfer Mechanism Is Available for EU Personal Data
Locatefamily.com Fined EUR 525,000 for Failure to Appoint an EU Representative
On May 12, 2021, the Dutch supervisory authority (the Autoriteit Persoonsgegevens or AP) issued a press release on a EUR 525,000 fine against Locatefamily.com for failing to appoint an EU representative, with additional penalty payments pending should the violation persist.
Continue Reading Locatefamily.com Fined EUR 525,000 for Failure to Appoint an EU Representative